Quantum voting based on conjugate coding: Difference between revisions
(Created page with "This example protocol implements the task of E-voting. The participants in this family of protocols are one or more election authorities, the tallier, and the voters. The elec...") |
|||
Line 22: | Line 22: | ||
==Properties== | ==Properties== | ||
'''Verifiability''': An adversary can change the vote of an eligible voter when the corresponding ballot is cast over the anonymous channel. | * '''Verifiability''': An adversary can change the vote of an eligible voter when the corresponding ballot is cast over the anonymous channel. | ||
'''Privacy''': EA can introduce a “serial number” in a blank ballot to identify a voter and therefore violate privacy. | * '''Privacy''': EA can introduce a “serial number” in a blank ballot to identify a voter and therefore violate privacy. | ||
The security of the protocol relies on a quantum problem, named one-more-unforgeability, and the assumption that it is computationally hard for a quantum adversary. | The security of the protocol relies on a quantum problem, named one-more-unforgeability, and the assumption that it is computationally hard for a quantum adversary. | ||
== Requirements == | == Requirements == |
Revision as of 06:49, 10 February 2021
This example protocol implements the task of E-voting. The participants in this family of protocols are one or more election authorities, the tallier, and the voters. The election authorities are only trusted for the purpose of eligibility and the voters do not share any entangled states with neither EA nor T in order to cast their ballots.
Assumptions
- The election authorities need to be trusted only for the purpose of eligibility; privacy should be guaranteed by the protocol against malicious parties.
- Existence of anonymous channel and authenticated channel.
Outline
In the beginning, the election authority chooses a vector for encoding ballots which will be kept secret from the tallier until the end of the ballot casting phase. Then the EA prepares w=polynomial(n) fragments that constitute a blank ballot and sends them to voters by an authenticated channel. After reception of the blank ballot, each voter re randomizes it and then applies a unitary to the blank ballot fragment and encodes the candidate of choice in the (n + 1)th-qubit of the last blank ballot fragments.
Finally, she sends the ballot to the tallier over an anonymous channel. Once the ballot casting phase ends, the election authority announces the vector to the tallier so the tallier can decode each cast ballot by measuring it in the correct basis and announces the election result.
Notations
- voter
- c: number of possible candidates
- N: number of voters
- vote of voter
- T: tallier
- n:security parameter
- EA: election authority
Properties
- Verifiability: An adversary can change the vote of an eligible voter when the corresponding ballot is cast over the anonymous channel.
- Privacy: EA can introduce a “serial number” in a blank ballot to identify a voter and therefore violate privacy.
The security of the protocol relies on a quantum problem, named one-more-unforgeability, and the assumption that it is computationally hard for a quantum adversary.
Requirements
- a quantum anonymous channel between voters and tallier
- an authenticated channel between voters and the election authority.
- Measurement Device for the tallier.